A better approach to security

[Tabor Kelly <tkelly AT taborandtashell.net>]

Hello,

I am a new user of cacert.org (and of the mailing list), so I am sorry 
if I should have sent this message to support AT cacert.org instead (please 
correct me if I am wrong).

First, I am a new user to X.509 and I was very concerned that when the 
cacert.org server created my certificate, it also created my private key 
(I understand that it created my public key). I hopped on the IRC 
channel and wren explained that my browser actually created my private 
key. My point being, that I think this should be explained in the help 
section of the cacert.org web site.

Second, I use thunderbird as my e-mail client. Thunderbird is not 
capable of downloading certificates via URLS. So I downloaded it via 
firefox, backed it up as a .p12 file, and loaded it into thunderbird via 
the .p12 file. My point being, that it took me a long time to figure out 
how to get the certificate into thunderbird, and the cacert.org site did 
not explain how.

Thank You,

Tabor Kelly

PS- I think CAcert.org is great and I originally found it while I was 
looking for somebody to sign my SSL certificates (for https, imaps, and 
STARTTLS over smtp).

PSS- Is it bad form to sign messages going to email lists? This list? 
All lists?